Details of VAR-201312-0272

ID

VAR-201312-0272

CVE

CVE-2013-6920

TITLE

Siemens SINAMICS S/G Security Bypass Vulnerability

Trust: 0.8

sources: IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14924

DESCRIPTION

Siemens SINAMICS S/G controllers with firmware before 4.6.11 do not require authentication for FTP and TELNET sessions, which allows remote attackers to bypass intended access restrictions via TCP traffic to port (1) 21 or (2) 23. Siemens SINAMICS S/G is a frequency converter developed by Siemens and is mainly used for mechanical engineering and plant construction. Siemens SINAMICS S/G are prone to a remote security bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and execute administrative commands without proper credentials. Siemens SINAMICS S/G running firmware versions prior to 4.6.11 are vulnerable. The vulnerability stems from the fact that FTP and TELNET sessions do not perform authentication operations

Trust: 2.7

sources: NVD: CVE-2013-6920 // JVNDB: JVNDB-2013-005385 // CNVD: CNVD-2013-14924 // BID: 64097 // IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // VULHUB: VHN-66922

IOT TAXONOMY

category:	['ICS', 'Network device']	sub_category:	-	Trust: 0.6
category:	['ICS']	sub_category:	-	Trust: 0.2

sources: IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14924

AFFECTED PRODUCTS

vendor:	siemens	model:	sinamics g110d	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g120c	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics s110	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics s120cm	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g120d	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g180	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics s\/g family	scope:	lte	version:	4.6	Trust: 1.0
vendor:	siemens	model:	sinamics g150	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g120p	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics s150	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g110	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g120	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g130	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics s120	scope:	eq	version:	-	Trust: 1.0
vendor:	siemens	model:	sinamics g110	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g110d	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g120	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g120c	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g120d	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g120p	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g130	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g150	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics g180	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics s/g family	scope:	lt	version:	4.6.11	Trust: 0.8
vendor:	siemens	model:	sinamics s110	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics s120	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics s120 cm	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics s150	scope:	-	version:	-	Trust: 0.8
vendor:	siemens	model:	sinamics s/g	scope:	lt	version:	4.6.11	Trust: 0.6
vendor:	siemens	model:	sinamics s\/g family	scope:	eq	version:	4.6	Trust: 0.6
vendor:	siemens	model:	sinamics s	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sinamics g	scope:	eq	version:	0	Trust: 0.3
vendor:	siemens	model:	sinamics s	scope:	ne	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics s	scope:	ne	version:	4.6.11	Trust: 0.3
vendor:	siemens	model:	sinamics g	scope:	ne	version:	4.7	Trust: 0.3
vendor:	siemens	model:	sinamics g	scope:	ne	version:	4.6.11	Trust: 0.3
vendor:	sinamics s120	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g120c	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g120d	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics s150	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g150	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics s110	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g110	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics s 2fg family	model:	-	scope:	eq	version:	4.6	Trust: 0.2
vendor:	sinamics g120	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g110d	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g180	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g130	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics s120cm	model:	-	scope:	eq	version:	-	Trust: 0.2
vendor:	sinamics g120p	model:	-	scope:	eq	version:	-	Trust: 0.2

sources: IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14924 // BID: 64097 // JVNDB: JVNDB-2013-005385 // CNNVD: CNNVD-201312-134 // NVD: CVE-2013-6920

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-6920
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-6920
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2013-14924
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201312-134
value:	CRITICAL
Trust: 0.6
IVD:	6c5b7c0e-2352-11e6-abef-000c29c66e3d
value:	CRITICAL
Trust: 0.2
VULHUB:	VHN-66922
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-6920
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2013-14924
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	6c5b7c0e-2352-11e6-abef-000c29c66e3d
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
VULHUB:	VHN-66922
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14924 // VULHUB: VHN-66922 // JVNDB: JVNDB-2013-005385 // CNNVD: CNNVD-201312-134 // NVD: CVE-2013-6920

PROBLEMTYPE DATA

problemtype:

CWE-287

Trust: 1.9

sources: VULHUB: VHN-66922 // JVNDB: JVNDB-2013-005385 // NVD: CVE-2013-6920

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201312-134

TYPE

authorization issue

Trust: 0.6

sources: CNNVD: CNNVD-201312-134

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-005385

PATCH

title:	SSA-742938	url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-742938.pdf	Trust: 0.8
title:	Siemens SINAMICS S/G security bypass vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/41496	Trust: 0.6
title:	Siemens SINAMICS S/G Controller Authentication Bypass Vulnerability Fixes	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=109060	Trust: 0.6

sources: CNVD: CNVD-2013-14924 // JVNDB: JVNDB-2013-005385 // CNNVD: CNNVD-201312-134

EXTERNAL IDS

db:	NVD	id:	CVE-2013-6920	Trust: 3.6
db:	ICS CERT	id:	ICSA-13-338-01	Trust: 3.4
db:	SIEMENS	id:	SSA-742938	Trust: 2.6
db:	BID	id:	64097	Trust: 1.0
db:	CNNVD	id:	CNNVD-201312-134	Trust: 0.9
db:	CNVD	id:	CNVD-2013-14924	Trust: 0.8
db:	JVNDB	id:	JVNDB-2013-005385	Trust: 0.8
db:	IVD	id:	6C5B7C0E-2352-11E6-ABEF-000C29C66E3D	Trust: 0.2
db:	VULHUB	id:	VHN-66922	Trust: 0.1

sources: IVD: 6c5b7c0e-2352-11e6-abef-000c29c66e3d // CNVD: CNVD-2013-14924 // VULHUB: VHN-66922 // BID: 64097 // JVNDB: JVNDB-2013-005385 // CNNVD: CNNVD-201312-134 // NVD: CVE-2013-6920

REFERENCES

url:	http://ics-cert.us-cert.gov/advisories/icsa-13-338-01	Trust: 3.4
url:	http://www.siemens.com/innovation/pool/de/forschungsfelder/siemens_security_advisory_ssa-742938.pdf	Trust: 2.6
url:	https://cert-portal.siemens.com/productcert/pdf/ssa-742938.pdf	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6920	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6920	Trust: 0.8
url:	http://www.siemens.com/	Trust: 0.3
url:	http://www.industry.siemens.com/drives/global/en/converter/low-voltage-drives/pages/default.aspx	Trust: 0.3

sources: CNVD: CNVD-2013-14924 // VULHUB: VHN-66922 // BID: 64097 // JVNDB: JVNDB-2013-005385 // CNNVD: CNNVD-201312-134 // NVD: CVE-2013-6920

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 64097

SOURCES

db:	IVD	id:	6c5b7c0e-2352-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2013-14924
db:	VULHUB	id:	VHN-66922
db:	BID	id:	64097
db:	JVNDB	id:	JVNDB-2013-005385
db:	CNNVD	id:	CNNVD-201312-134
db:	NVD	id:	CVE-2013-6920

LAST UPDATE DATE

2024-08-14T13:35:28.694000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2013-14924	date:	2013-12-09T00:00:00
db:	VULHUB	id:	VHN-66922	date:	2020-02-10T00:00:00
db:	BID	id:	64097	date:	2013-12-04T00:00:00
db:	JVNDB	id:	JVNDB-2013-005385	date:	2013-12-10T00:00:00
db:	CNNVD	id:	CNNVD-201312-134	date:	2020-02-11T00:00:00
db:	NVD	id:	CVE-2013-6920	date:	2020-02-10T15:15:12.573

SOURCES RELEASE DATE

db:	IVD	id:	6c5b7c0e-2352-11e6-abef-000c29c66e3d	date:	2013-12-09T00:00:00
db:	CNVD	id:	CNVD-2013-14924	date:	2013-12-09T00:00:00
db:	VULHUB	id:	VHN-66922	date:	2013-12-07T00:00:00
db:	BID	id:	64097	date:	2013-12-04T00:00:00
db:	JVNDB	id:	JVNDB-2013-005385	date:	2013-12-10T00:00:00
db:	CNNVD	id:	CNNVD-201312-134	date:	2013-12-09T00:00:00
db:	NVD	id:	CVE-2013-6920	date:	2013-12-07T00:55:04.147